I just did $20 out
Out of curiosity, did the cashier make you wait for that amount? No, but the mempool was empty and a had a 2 sat/b fee. I don't know what the webpage he was looking at showed but he just took the receipt and scanned it in and handed me 20 singles. This was after I had given him 2 twenties and a ten for the $50 I put in. So I took that as a hint that he really did not want to talk about it. -Dave |
|
|
|
It's funny that they expect everyone to be on telegram, they should have sent out emails right after this shit happened, anyway, mining is going alright, heck, this is less scary than my experience with Poolin a while back, the pool was working just fine but my hashrate was showing zero.
I logged into the .net site and was unable to make any changes to the payout addresses as the email verification never came. They are probably having the same issue with their email server. I was however able to withdraw all mined coin to previously setup payment addresses. I did a quick look at the email that came in on Friday about the name going from .com to .net and it did not have any SPF / DKIM / DMARC information in it so there are a lot of email services that may just blackhole the email not even accept it. What those acronyms mean: SPF = https://en.wikipedia.org/wiki/Sender_Policy_FrameworkDKIM = https://en.wikipedia.org/wiki/DomainKeys_Identified_MailDMARC = https://en.wikipedia.org/wiki/DMARCOn a related note, things like this are why everyone should use DNSSEC, but for some reason trying to get people to do it is an uphill fight. I do it on the 2 domains that I have that matter. But not on the rest. Getting others to do it is just about impossible. There was even a discussion about a year ago on the bitcoin core github about making DNSSEC required for the seed nodes that went nowhere. Would not have made much of a difference on what happened here, but in general it's a good thing. DNSSEC = https://en.wikipedia.org/wiki/Domain_Name_System_Security_Extensions-Dave |
|
|
|
the fact of their losses is the result of non-existent or obsolete security measures, that is the strong point of this project, limiting the risk of loss, currently anyone with access to a private key can empty the wallet completely, the same with multi-signatures always 2-3, 3-5 should be used. With this project, even if a subwallet has 10000BTC is hacked, your risk of losing will be the amount stipulated by you and not the total of the funds.
An exchange needs a hot wallet that can send enough to keep them running without human intervention. No 2nd password or anything like that. Just Dave requested funds, here they are. They should always keep most of their funds in a cold wallet that is multi-sig and / or hardware based to fill up the hot wallet. Either one needs human intervention. You are just doing it a different way. -Dave Why do you assume that this proposal cannot be automated without human intervention? Because if there is any automation of opening the wallet with the possibility of moving all the funds then it's vulnerable. That is the entire point of cold storage / hardware wallets. Someone has to physically do something. It's not 100% online and vulnerable. Even if it's click a button, you would like to assume the person moving the funds would at least check what is happening. If you can do it without that, then what's the point. -Dave |
|
|
|
It's always good to hear about more bitcoin ATMs being operated globally. I have always wanted to use a bitcoin ATM but sadly my country doesn't have one.
This made me think what if I had a bitcoin ATM. How would I make profits from operating a bitcoin ATM ?
Even if charged 5% for both incoming and outgoing transactions how would I be able to make enough profits to pay the rent and still saving some coins.
Unless and until we don't have our own space to operate an ATM it will be tough to get profits from a Bitcoin ATM.
Guess it really depends on use. At the moment with the dip BTC is at $54,000. If you are moving .1 BTC through it a week that is $5400 Even if you are just selling that is still 5% of $5400 or $270 a week $14,000 a year. Depending on where you live that could be a lot of money or put you well below the poverty line. -Dave |
|
|
|
the fact of their losses is the result of non-existent or obsolete security measures, that is the strong point of this project, limiting the risk of loss, currently anyone with access to a private key can empty the wallet completely, the same with multi-signatures always 2-3, 3-5 should be used. With this project, even if a subwallet has 10000BTC is hacked, your risk of losing will be the amount stipulated by you and not the total of the funds.
An exchange needs a hot wallet that can send enough to keep them running without human intervention. No 2nd password or anything like that. Just Dave requested funds, here they are. They should always keep most of their funds in a cold wallet that is multi-sig and / or hardware based to fill up the hot wallet. Either one needs human intervention. You are just doing it a different way. -Dave |
|
|
|
|
I posted something about this a while ago. It's getting better, and with places like bitrefill other gift card providers & all the exchanges offering credit cards it will get better still. Just slowly.
Big merchants can get reports about where their gift cards are purchased. So as they see more and more coming from places like bitrefill they might take a look and go hmmmm this could work. With PayPal now slowly letting merchants accept BTC / crypto how long till some do it on their own.
Credit cards are a bit different, the merchants might not know but the credit card processors know who controls the cards. How long till they go out and see that the BitPay / Coinbase / etc cards are being used more and decide to process crypto on their own offering it to more merchnats.
It's just inertia. It takes time to get it moving.
-Dave
|
|
|
|
And how did they get access to something that would have affected also f2pool and binance which both have reported issues?
What would be that thing aside from the GFW that could impact everything like this?
Because they all use the same registrar. Had to cut this short, sorry, but you've started with the wrong assumption, no they don't! Neither binance pool, not f2pool use it and I'm willing to bet that kano isn't either. Was going from here: Looks like it might be related to Alibaba Cloud. From CityAMIt seems the major pools of viaBTC, Poolin, F2Pool, Binance and BTCcom suddenly experienced connection interruptions. The only thing they all had in common was their DNS was provided by Alibaba Cloud, a Chinese owned operation. All had stopped resolving. I will admit I didn't look to see where they were, I saw the article posted and did not check more. That is on me. No idea about kano. Without getting into anything else, I will say that if they were using a different DNS provider (outside of China) then nothing makes sense. If China wanted to block external mining then all they had to do was block the pool IPs at the edge of China If they wanted to block internal miners from reaching them then you just block the routes internally to the country. This just puts a (very) small bump in the road. If your stratum did not disconnect then you never stopped mining. If you could get the IPs from someone who had them then you are back mining. If the pools changed name (viabtc.top) and started using cloudflare then you are back mining. Shutting down DNS and not keeping it down does not really do much. And if DNS / registrar were outside of China then there would be no way for them to stop resolving names to IPs. INSIDE China could be stopped, but Phil / Mopar and all of us in the USA and the rest of the world would not have had DNS resolution stop if they were using DNS and registrars outside of China. Since the government controls all telcom in China then it really is as easy as: Router(config)# ip route A.B.C.D Sub.Net.Mask.Here null0 And then propagate it. If you are using Cisco. But more or less it's all the same. -Dave |
|
|
|
And how did they get access to something that would have affected also f2pool and binance which both have reported issues?
What would be that thing aside from the GFW that could impact everything like this?
Because they all use the same registrar. Not saying that it does happen a lot, but it does happen regularly: https://www.zdnet.com/article/hackers-breached-greeces-top-level-domain-registrar/https://www.cpomagazine.com/cyber-security/domain-registrar-godaddy-breached-attackers-trick-employees-into-transferring-ownership-of-cryptocurrency-sites/https://arstechnica.com/information-technology/2019/02/inside-the-dnspionage-hacks-that-hijack-domains-at-an-unprecedented-scale/Now this is also an interesting little take on it. I am not saying that it happened here, just that it has happened. IF I get access to your DNS control I can set the IPs to wherever I like. I then set the TTL (How long once you ask for the IP for me to store it and not check again) to a very high number. So even if you get control there are still places around the world that will give the wrong information for days. However, if you shutdown the domain at the root registrars there is a good chance that even though it said this is the proper IP for this name and don't look for another X seconds. There are actually 2 TTLs (prepare for some really boring shit here) that although not going to be 100% the way it works it's the best I can do in a post not a 120 minute power point seminar.... Picking on stackoverflow.com here I pull all their DNS info: HEADER:
opcode = QUERY, id = 19492, rcode = NOERROR
header flags: reply, auth. answer, want recursion.
questions = 1, answers = 4, auth. records = 4, additional = 0
QUESTIONS:
stackoverflow.com., type = XX, class = 1
ANSWERS:
-> stackoverflow.com.
type = A, class = 1, ttl = 300, dlen = 4
IP address = 151.101.65.69
-> stackoverflow.com.
type = A, class = 1, ttl = 300, dlen = 4
IP address = 151.101.129.69
-> stackoverflow.com.
type = A, class = 1, ttl = 300, dlen = 4
IP address = 151.101.193.69
-> stackoverflow.com.
type = A, class = 1, ttl = 300, dlen = 4
IP address = 151.101.1.69
AUTHORITY RECORDS:
-> stackoverflow.com.
type = NS, class = 1, ttl = 172800, dlen = 23
nameserver = ns-1033.awsdns-01.org.
-> stackoverflow.com.
type = NS, class = 1, ttl = 172800, dlen = 19
nameserver = ns-358.awsdns-44.com.
-> stackoverflow.com.
type = NS, class = 1, ttl = 172800, dlen = 28
nameserver = ns-cloud-e1.googledomains.com.
-> stackoverflow.com.
type = NS, class = 1, ttl = 172800, dlen = 14
nameserver = ns-cloud-e2.googledomains.com. You can see that they have an A (Address) record set to expire in 300 seconds: stackoverflow.com.
type = A, class = 1, ttl = 300, dlen = 4
IP address = 151.101.65.69 BUT they also have these these things called AUTHORITY RECORDS which more or less mean that these are the proper DNS servers for them and don't worry about it for the next 172800 seconds (2880 minutes / 48 hours) so even if you hijack that domain and point it's DNS servers someplace else for the next 2 days from when you looked. IF YOU DNS IS SETUP TO OBEY THE TTLs then you will never ever care where the new DNS servers are. Those listed are it. AUTHORITY RECORDS:
-> stackoverflow.com.
type = NS, class = 1, ttl = 172800, dlen = 23
nameserver = ns-1033.awsdns-01.org.
However, if your domain is shutdown (like what viabtc.com) then it all stops then and there. I go to look for something and the root DNS zones say nope. Now as I said, this is not 100% the way it works but it does give you a general view. If you got control of the domain and did something funky then I could see them doing something like this to stop an attack. Now, I am not saying that is what happened. But all this "China is blocking" stuff just seems a bit off since traffic is passing. If you think about it, if China wanted to block it all they would have to do it tell the registrar, shut off access and give us the domain. And then tell the 100% owned by the government internet provider stop passing traffic to these IP addresses and call it a day. -Dave |
|
|
|
To me, this was the gov adding blocks to the GFW, this took them by "surprise" and they just scrambled to change dns.
And once again no, read what I posted above. Nothing is blocked. Not the IPs, not the services, nothing. The registrar that viabtc.com is hosted at put a block on the domain / shut it down. BUT they left every other VIA name untouched, just the .com is offline. If they wanted to block access all they had to do was put a block at the great firewall and those IPs would have dropped out of existence. But as others have reported, so long as you did not need to re-confirm the IP you could just keep mining. VIABTC could have just gone out and gotten a new domain name anywhere and said go here to mine. But they did not. So something else is going on. I run my own DNS servers, and since I log every request I went back and looked at what my miners asked for, put in those IPs and away they went to mine. There are 2 different things at play here when it comes to DNS 1) How long it takes to change DNS servers i.e. go from alibaba DNS to cloudflare. That is anywhere from 1 to 6 hours. Usually close to 1 hour. 2) How long it takes for other places to notice you changed IPs (having nothing to do with #1) that is configurable. And usually a few hours. BUT a lot of providers can and use their own time limits ignoring what the DNS provider says. I can set it to 1 minute, but no matter what there are a lot of places out there that default to 7200 seconds (2 hours) or 86400 seconds (24 hours) no matter what the DNS server tells them. -Dave Notes: 1) I was not mining BTC but ETH but that should not matter the IPs still pass data no problems. 2) I switched to nicehash as primary since the profit is much higher at the moment but the VIA IPs still show online |
|
|
|
What is interesting is that the registrar for both domains is https://net.cn but the .com is still on registrar hold as of now as I posted above, but the .net is fine. I am starting to think more and more this has nothing to do with anything China related and more of someone got access to something they should not have. If China wanted to block it registrar hold is not the way to do it. Just an edge block would work fine, just like any firewall. If viabtc wanted to deal with this quickly all they would have to do it send out a list of IP addresses to connect to instead of names that needed to be resolved. Since miners that were connected were still connected and mining then we know that the stratum servers and related services are not and were not being filtered or blocked. To me, on the surface that looks like something else. ... and moving DNS outside China is not a 5 minute exercise.
If it's on hold you can't move it at all. If it's not it take about an hour to propagate it. Which was about what the .net did from the alibaba DNS to cloudflare. -Dave |
|
|
|
The biggest issue I am seeing with hosting is that we are small players.
Yeah, that's defiantly an issue. Looks like plenty of options are available if you want 1MW plus of capacity. But even at the level, the host could still just decide they want the space and boot you after the contract is done. So buy $3Million worth of miners with a ~10 month ROI, only to have your host boot you after your 12-month contract.... that could hurt. Although it would probably only happen if profitability is high, so the miners could be worth close to or maybe even more than what you paid. All my S17s are worth significantly more than I paid for them 2 years ago (in $, not BTC obviously...). At that point it's probably better to buy your own container and have that hosted. At least then it would be a little more difficult and costly to decide to boot you when profitability spikes since they'd need to buy their own container and install it. Would be interesting if someplace would host a mini-container, something with a max of 200kw or so. What is kind of interesting is at least IMO is that for the server / network hosting kind of thing 3 year contracts and longer are readily available at least here in the US. 3 years does tend to be the best option for pricing in a lot of them. Looking around at mining stuff it's all month to month or 1yr. So for mining are these hosting facilities expecting you to fail or don't want to commit for more that that amount of time or  I'm wondering if a lot of them are not "real" hosting facilities, but rather someone who is getting space in a much larger facility then sub-leasing to miners. For what the company I work for pays for 4 racks / 8KVA there is no way we could be competitive to rent space to miners. For what the company in the next area over pays 100+ racks and 900KVA they could (don't leave your paperwork sitting on the table in the common area, I will read it). But they obviously have a much bigger monthly bill then we do.... -Dave |
|
|
|
Or they could just use an inexpensive hardware wallet and have 2 wallets on their machine. One that is password protected and the other that needs the HW wallet. Or another form of cold storage and only move when needed. Security protocols must be constantly updated. If we have learned anything from technology, it is that sooner or later they become obsolete. BitGrail, KuCoin, MtGox, Coincheck to mention a few, they relied too much on their security protocols, when talking about money the saying "if it ain't broke, don't fix it" is not valid.
Would not have mattered for any of those BitGrail was 99% a inside job MtGox was a disaster from the start with no security at all. Coincheck did not loose BTC they lost an alt. KuCoin lost a bunch of different coins / tokens and while some was BTC it was from a hot wallet that an exchange needs to function. They need to have a large amount always available to be able to function. Needing human intervention with anything means that you don't need some fancy new setup for security or ANY new setup for security. If there had to be a human there to verify the BTC move then it would not have happened since they would have seen the issue. -Dave |
|
|
|
This is so so nice. I haven't tried yet but it seems very interesting to me. As far as I know, BATM is fully centralized, did it ask for any phone number or KYC documents from you while you using it? I did not use Bitcoin ATM due to my personal anonymity,
Ehh I really don't see how it's a nice thing. It just adds unnecessary steps for most peeps, with the only positive advantage is that new users of the ATM has a customer support ready by default. I suppose that this is just to attract the random "John Doe's" that hear about BTC and want to say that they somehow also have BTC of their own. Even being capped at $100/day I wouldn't feel at rest by just going to a cashier and asking him/her to give me the equivalent in BTC - I just think that it would open myself to being a target. On a curious note, would this[1] be the shop @DaveF? I've searched around Manhattan Avenue and this is the closest one available. If not, I suppose you could submit[2] the location to their website.
[1] https://coinatmradar.com/bitcoin_atm/574/bitcoin-atm-cryptocurrency-atm-harlem-apollo-deli-fruit/[2] https://coinatmradar.com/submit/That was not it, I don't see it listed at all, I don't have the exact address it was raining and still dark out. I just kind of ducked into the 1st place I saw open that had coffee. It was probably after the change from Manhattan Ave to St Nicholas Ave. Still think it was in the 130s but could have been high 120s to low 140s. I was walking for a while at that point and not really paying attention since I knew it was going to be a long, cold, wet, walk. ... Last of all the time it takes to confirm might also vary and unless the miner fee is set quite high then a customer might have to wait around a long time for the transaction to confirm or the business might actually be unaware and put itself at risk if they don't want for adequate confirmations.
So long as there is 1 conf you are usually good to go. But it does give them a bit of play. No RBF and a high enough fee and a small enough amount then you can give the person his cash and let them leave. RBF and low fee, sorry buy another cup of our bad coffee and wait... It was an unbranded machine. No logos or anything, but it looked well built. So I don't know if it was a custom built thing or a new unit that I have not seen yet or something else. -Dave |
|
|
|
This is so so nice. I haven't tried yet but it seems very interesting to me. As far as I know, BATM is fully centralized, did it ask for any phone number or KYC documents from you while you using it? I did not use Bitcoin ATM due to my personal anonymity,
Your description does not specify anything about using phone numbers or KYC. Can you kindly inform me a little bit about this since you have witnessed it first hand?
The sign on the machine said Valid ID needed for all transactions, max $1000 / day. *BUT* it not ask me for anything. I don't know if it's up to the cashier or some other limit or thing. I just did $20 out and $50 in to play with it. The 5% each way was just too much to do more. And the coffee sucked so I was not sticking around. Will be back in the area after the new year so if nobody else gets there I will check again then. -Dave |
|
|
|
|
Was at a small shop in NYC. Rates were not great 5% on either side of the trade. But it was interesting. The ATM handles no cash. If you wanted to buy you spoke to the cashier, gave him cash and you got a receipt with a barcode that you went to the machine with the receipt scanned the barcode and then a QR code for your address and poof BTC in your wallet. To sell you went to the machine and send BTC to the address it gave you and it printed a receipt that you brought to the cashier. Who could then make a judgement call as to wait for a certain number of conformations or just hand you the cash.
I heard mention of them a few years ago, never saw one before.
I think the name of the place was Superior convenience (or close to it) somewhere on Manhattan Ave in the 130s. Was wet and cold and just ran in for a cup of coffee and saw the BATM.
-Dave
|
|
|
|
Can't speak for the others but viabtc either broke something or is a fight with their hosting provider. Doing a whois lookup at the global registry you get: Domain Name: VIABTC.COM
Registry Domain ID: 1989117527_DOMAIN_COM-VRSN
Registrar WHOIS Server: grs-whois.hichina.com
Registrar URL: http://www.net.cn
Updated Date: 2021-11-25T12:15:46Z
Creation Date: 2015-12-23T06:12:17Z
Registry Expiry Date: 2024-12-23T06:12:17Z
Registrar: Alibaba Cloud Computing (Beijing) Co., Ltd.
Registrar IANA ID: 420
Registrar Abuse Contact Email: DomainAbuse@service.aliyun.com
Registrar Abuse Contact Phone: +86.95187
Domain Status: clientHold https://icann.org/epp#clientHold
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Name Server: VIP1.ALIDNS.COM
Name Server: VIP2.ALIDNS.COM
DNSSEC: unsigned
URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of whois database: 2021-11-26T07:54:48Z <<<
For more information on Whois status codes, please visit https://icann.org/epp
NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant's agreement with the sponsoring
registrar. Users may consult the sponsoring registrar's Whois database to
view the registrar's reported date of expiration for this registration.
TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services' ("VeriSign") Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability. VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.
The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
**complete**
The 2 important lines are: Updated Date: 2021-11-25T12:15:46Z and Domain Status: clientHold https://icann.org/epp#clientHoldSo yesterday they (or someone) made a change to their DNS info BUT it does not matter since: https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en#clientHoldclient hold
This status code tells your domain's registry to not activate your domain in the DNS and as a consequence, it will not resolve. It is an uncommon status that is usually enacted during legal disputes, non-payment, or when your domain is subject to deletion.
Often, this status indicates an issue with your domain that needs resolution. If so, you should contact your registrar to resolve the issue. If your domain does not have any issues, but you need it to resolve, you must first contact your registrar and request that they remove this status code. So it's never even making out. Although the Chinese government may have something to do with it, they are not blocking it at the edge. It IP address resolution does not even exist to make it there. Yes I know that does not help, but it's a bit more info. -Dave |
|
|
|
|
So I decided to try something. Can I do 30 days of living on crypto. Using Bitrefill & coinsbee for giftcards and my Coinbase Visa.
Made it from Nov 1st to today with one small exception the other day when I handed a friend some cash for something, since he paid with his own cash.
Without the Visa I would have been dead in the water since there are so many places that you can't get giftcards for. But it was doable.
Because of today being BlackFriday I am going to spend a lot on other credit cards for the discounts / extended 0% interest offers.
Will probably try it again in January to see how far I can really push doing it.
As for 100% crypto / no cash or credit or gift cards. Can't really be done in my situation and location.
-Dave
|
|
|
|
Let's say you order something and choose to pay with cash. The courier won't hand it to you until you pay. You may expect something valuable, but the seller was a dick and put in there a brick.
Bitcoin is closer to hard cash than to CC, for example.
And PayPal is designed closer to an escrow that favors the buyer; comparing Bitcoin with that is like comparing apples with oranges.
I think that all depends on the selling platform. If you buy directly from a seller, you're indeed better with escrow or PayPal. But most things one usually buys from bigger shops/selling platforms. For now most are used with CC/PayPal handling user protection in this kind of matters, but for example AliExpress are themselves escrow - afaik the seller receives the money very late and the buyer has quite a good chance to prove he received broken product/got scammed and get his money back. I guess that for Bitcoin the shops or payment processors (why not?) may have to evolve into handling this too. And, interestingly, CBDCs getting issued may be of help in this matter.
Which does kind of bring up an interesting point about BitPay. They are one of the few that actually work with buyers when the merchant does not deliver. Many of the other custodial ones are still more of a hands off approach. Could be just the way they choose to do business, could be because they are US based and have to deal with other rules, but for all the crap they do, it's still better then the "too bad, so sad" attitude that other BTC / crypto processors have. Not saying BitPay is good, just bringing up the point that having processors have a 'merchant complaint department' would not be a bad thing. -Dave |
|
|
|
|
Because that's the way it was setup? On the other side there are a lot of merchants that took care of the customer and said / delivered what they said they were going to do and faced a CC chargeback or bounced check.
If you hand me cash and I don't do what I said I was going to do / deliver what I said I was going to deliver. How is that any different?
BTC is not 100% cash, but it's close enough to it that we keep telling people to treat their wallets like cash, and secure them with hardware, etc.
That is the point, that is the reason we "flaunt the irreversibility" because once I hand you cash it's yours, once I send you BTC it's yours.
-Dave
|
|
|
|
|
Show Posts
